Attackers Automate Social Media Reconnaissance for Personalized Phishing in 2026

Attackers in 2026 use automated tools to scrape LinkedIn profiles, job postings, and connections to gather specific details about targets. They craft phishing emails referencing personal or professional context, such as recent conferences or projects, and send them at strategic times. Reports from Hoxhunt and Mandiant highlight a 14x increase in AI-generated phishing and vishing as a common attack method. A notable example is the Drift Protocol attack, which resulted in a $285 million loss through social engineering alone.